BIOS Security

Explore a critical analysis of BIOS security in this 59-minute Black Hat USA 2013 conference talk. Delve into the implementation of Static Root of Trust for Measurement (SRTM) in pre-NIST 800-155 laptops, uncovering vulnerabilities in BIOS configurations and signed update requirements. Discover how a small SRTM patch can compromise TPM integrity measurements, potentially undermining system trust. Learn about persistent BIOS malware and innovative academic techniques for verifying BIOS integrity through timing side-channels. Gain valuable insights into the complexities of hardware-based security measures and their potential weaknesses.